authordvserg <dv_serg@mail.ru>2011-01-03 00:39:03 +0300
committerdvserg <dv_serg@mail.ru>2011-01-03 00:39:03 +0300
commit4fc28f4f28f865773def1cebb722e6fa952a00a4 (patch)
tree0a90983ca6cf6f0185196f8fc3cff6c0eb4de4cd
parentdc1b5278a45acaa35a08e55e0fb4ca79d833d614 (diff)
squidGuard change blacklist
-rw-r--r--config/squidGuard/squidguard.inc162
-rw-r--r--config/squidGuard/squidguard_configurator.inc170
2 files changed, 163 insertions, 169 deletions
diff --git a/config/squidGuard/squidguard.inc b/config/squidGuard/squidguard.inc
index 12e52e35..5d78b0da 100644
--- a/config/squidGuard/squidguard.inc
+++ b/config/squidGuard/squidguard.inc
@@ -1,7 +1,7 @@
<?php
# ------------------------------------------------------------------------------
/* squidguard.inc
- (C)2006-2008 Serg Dvoriancev
+ (C)2006-2011 Serg Dvoriancev
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
@@ -33,50 +33,39 @@ require_once('pkg-utils.inc');
require_once('filter.inc');
require_once('service-utils.inc');
require_once('squidguard_configurator.inc');
-# ------------------------------------------------------------------------------
-define('SQUIDGUARD_CONFBASE', '/usr/local/etc/squid');
-define('SQUIDGUARD_CONFFILE', '/squidguard.conf');
-define('SQUIDGUARD_CONFXML', '/squidguard_conf.xml');
-define('SQUIDGUARD_BINPATH', '/usr/local/bin');
-define('SQUIDGUARD_WORKDIR', '/usr/local/etc/squidGuard');
-define('SQUIDGUARD_LOGDIR', '/var/squidGuard/log');
-define('SQUIDGUARD_DBHOME', '/var/db/squidGuard');
-
-define('SQUIDGUARD_WEBGUI_LOG', '/squidguard_gui.log');
-define('SQUIDGUARD_WEBGUI_HISTORY_LOG', '/squidguard_gui_history.log');
# ------------------------------------------------------------------------------
-
-define('F_NAME', 'name');
-define('F_DEST', 'dest');
-define('F_SOURCE', 'source');
-define('F_DESTINATION', 'dest');
-define('F_REWRITE', 'rewrite');
-define('F_REDIRECT', 'redirect');
-define('F_TIME', 'time');
-define('F_OVERDESTINATION', 'overdestination');
-define('F_OVERREWRITE', 'overrewrite');
-define('F_OVERREDIRECT', 'overredirect');
-define('F_TARGETURL', 'targeturl');
-define('F_REPLACETO', 'replaceto');
-define('F_TIMETYPE', 'timetype');
-define('F_TIMEDAYS', 'timedays');
-define('F_DATERANGE', 'daterange');
-define('F_TIMERANGE', 'sg_timerange');
-define('F_IPLIST', 'iplist');
-define('F_DESCRIPTION', 'description');
-define('F_EXPRESSIONS', 'expressions');
-define('F_DOMAINS', 'domains');
-define('F_URLS', 'urls');
-define('F_DISABLED', 'disabled');
-define('F_SQUIDGUARDENABLE','squidguard_enable');
-define('F_BLACKLIST', 'blacklist');
-
+# fields
+define('F_NAME', 'name');
+define('F_DEST', 'dest');
+define('F_SOURCE', 'source');
+define('F_DESTINATION', 'dest');
+define('F_REWRITE', 'rewrite');
+define('F_REDIRECT', 'redirect');
+define('F_TIME', 'time');
+define('F_OVERDESTINATION', 'overdestination');
+define('F_OVERREWRITE', 'overrewrite');
+define('F_OVERREDIRECT', 'overredirect');
+define('F_TARGETURL', 'targeturl');
+define('F_REPLACETO', 'replaceto');
+define('F_TIMETYPE', 'timetype');
+define('F_TIMEDAYS', 'timedays');
+define('F_DATERANGE', 'daterange');
+define('F_TIMERANGE', 'sg_timerange');
+define('F_IPLIST', 'iplist');
+define('F_DESCRIPTION', 'description');
+define('F_EXPRESSIONS', 'expressions');
+define('F_DOMAINS', 'domains');
+define('F_URLS', 'urls');
+define('F_DISABLED', 'disabled');
+define('F_SQUIDGUARDENABLE', 'squidguard_enable');
+define('F_BLACKLIST', 'blacklist');
+# prefixes
define('PREF_UPTIME', 'uptime_');
define('PREF_UPTIME_DENY', 'uptimedeny_');
define('PREF_OVERTIME', 'overtime_');
define('PREF_OVERTIME_DENY', 'overtimedeny_');
-
+# modules
define('MODULE_GENERAL', 'squidguardgeneral');
define('MODULE_DEFAULT', 'squidguarddefault');
define('MODULE_ACL', 'squidguardacl');
@@ -85,18 +74,16 @@ define('MODULE_REWRITE', 'squidguardrewrite');
define('MODULE_SOURCE', 'squidguardsrc');
define('MODULE_TIME', 'squidguardtime');
define('MODULE_LOG', 'squidguardlog');
-
-define('BLACKLIST_DEFAULT_URL', 'http://ftp.teledanmark.no/pub/www/proxy/squidGuard/contrib/blacklists.tar.gz'); # 360Kb
+# blacklist
+define('BLACKLIST_DEFAULT_URL', 'http://squidguard.mesd.k12.or.us/blacklists.tgz'); # 5Mb
define('BLACKLIST_DEFAULT_URL1', 'http://www.shallalist.de/Downloads/shallalist.tar.gz'); # ~7Mb
-define('BLACKLIST_TMP_FILE', '/var/tmp/blacklists.tar.gz');
-define('BLACKLIST_BTN_URL', 'Upload Url');
-define('BLACKLIST_BTN_LAST', 'Restore last');
-
-define('BLACKLIST_LOGFILE', 'blacklist.log');
-define('APPLY_BTN', 'Apply');
-define('WEBGUI_HISTORY_LOG', 'on');
-define('TEST_LOG', '/var/tmp/sqtest.test');
-define('SAFESEARCH', 'safesearch');
+define('BLACKLIST_TMP_FILE', '/var/tmp/blacklists.tar.gz');
+define('BLACKLIST_BTN_URL', 'Upload Url');
+define('BLACKLIST_BTN_DEFAULT', 'Restore default');
+define('BLACKLIST_LOGFILE', 'blacklist.log');
+#
+define('APPLY_BTN', 'Apply');
+define('SAFESEARCH', 'safesearch');
# ==============================================================================
# Initialization
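Review bot: The new `BLACKLIST_DEFAULT_URL` is still a plain `http://` address, like `BLACKLIST_DEFAULT_URL1` below it, so the archive that becomes the filter database can be altered in transit. The download and unpack code is outside this hunk; if it does not already verify the archive, it should check a published checksum or signature before unpacking, or fetch over HTTPS where the mirror offers it. `BLACKLIST_TMP_FILE` is also a fixed name in `/var/tmp`; a file inside a directory owned by the service would stop another local account from creating it first.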
@@ -328,9 +315,9 @@ function squidguard_resync() {
}
# blacklist restore last (if exists)
- if ($submit == BLACKLIST_BTN_LAST) {
- restore_arc_blacklist();
- }
+ if ($submit == BLACKLIST_BTN_DEFAULT) {
+ restore_arc_blacklist();
+ }
# apply changes
//if ($submit == APPLY_BTN) {
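Review bot: The comment above the changed condition still reads `# blacklist restore last (if exists)`, but the button is now `BLACKLIST_BTN_DEFAULT` and restore_arc_blacklist() copies from `SQUIDGUARD_DBSAMPLE`; it should read `# blacklist restore default (from the sample DB)`. The same stale wording remains in make_grid_blacklist (`# button 'Upload URL' and button 'Restore last blacklist'`). squidguard_resync's body continues outside this hunk.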
@@ -535,22 +522,24 @@ function squidguard_before_form_acl($pkg, $is_acl=true) {
# --- Destinations ---
# User destinations
if ($squidguard_config[F_DESTINATIONS]) {
- foreach($squidguard_config[F_DESTINATIONS]['item'] as $dst)
+ foreach($squidguard_config[F_DESTINATIONS]['item'] as $dst) {
$dest_items[] = array ('name'=>$dst[F_NAME],
'upt_value'=>$acls_up[$dst[F_NAME]],
'ovt_value'=>$acls_over[$dst[F_NAME]],
'description'=>$dst[F_DESCRIPTION]);
+ }
}
# Blacklist
if ($squidguard_config[F_BLACKLISTENABLED] === 'on') {
$blk_entries = sg_entries_blacklist();
if (!empty($blk_entries)) {
- foreach($blk_entries as $dst)
+ foreach($blk_entries as $dst) {
$dest_items[] = array ('name'=>$dst,
'upt_value'=>$acls_up[$dst],
'ovt_value'=>$acls_over[$dst],
'description'=>'');
+ }
}
}
@@ -602,16 +591,6 @@ function squidguard_before_form_acl($pkg, $is_acl=true) {
}
# -----------------------------------------------------------------------------
-# squidguard_before_form_log - must be deleted
-# -----------------------------------------------------------------------------
-define('LOGSHOW_BUFSIZE', 16384);
-
-function squidguard_before_form_log($pkg)
-{
-# delete me
-}
-
-# -----------------------------------------------------------------------------
# make_grid_general_items
# -----------------------------------------------------------------------------
function make_grid_general_items($id = '')
@@ -649,7 +628,7 @@ function make_grid_blacklist() {
$res = '';
# button 'Upload URL' and button 'Restore last blacklist'
$res = "<hr><input name='submit' value='" . BLACKLIST_BTN_URL . "' type='submit'>";
- $res .= "&nbsp;<input name='submit' value='" . BLACKLIST_BTN_LAST . "' type='submit'>";
+ $res .= "&nbsp;<input name='submit' value='" . BLACKLIST_BTN_DEFAULT . "' type='submit'>";
return $res;
}
@@ -677,11 +656,13 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
$x = 0;
}
- $name = $item['name'];
+ $name = trim($item['name']);
$upt_val = $item['upt_value'];
$ovt_val = $item['ovt_value'];
$description = $item['description'];
+ if (!$name) continue; # skip empty
+
$sel = "selected=\"selected\"";
$upt_A = $upt_B = $upt_C = $upt_D = '';
switch($upt_val) {
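Review bot: `if (!$name) continue;` also skips an entry whose name is the string `"0"`, because PHP treats that string as false; `if ($name === '') continue;` skips only empty names. The loop that contains these lines starts outside the hunk.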
@@ -707,7 +688,7 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
$tbl .= "<td $color>$description [$name]</td>";
$tbl .= "<td $color>access</td>";
$tbl .= "<td $color><select id=$tnm name=\"$tnm\">";
- if (substr_count($name, "all") === 0) {
+ if ($name !== "all"/*substr_count($name, "all") === 0*/) {
$tbl .= "<option value=none name=\"----\" $upt_A>----</option>";
$tbl .= "<option value=white name=\"white\" $upt_C>whitelist</option>";
$tbl .= "<option value=deny name=\"deny\" $upt_D>deny </option>";
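Review bot: `$description` and `$name` are written into the table cell without HTML escaping (`<td $color>$description [$name]</td>`), and the new `$name !== "all"` test does not change that. Blacklist entry names come from sg_entries_blacklist(), which appears to read a file built from downloaded or sample archives, so they should be treated as untrusted: output `htmlspecialchars($description)` and `htmlspecialchars($name)` here and in the overtime column in the next hunk. How `$tnm` is derived is outside the hunk; if it is built from `$name` it needs the same treatment and quotes around the `id=` value. The old condition left inside the `/* … */` comment can be deleted.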
@@ -726,9 +707,9 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
$tbl .= "<td $color>$description [$name]</td>";
$tbl .= "<td $color>access</td>";
$tbl .= "<td $color><select id=$tnm name=\"$tnm\">";
- if (substr_count($name, "all") === 0) {
+ if ($name !== "all"/*substr_count($name, "all") === 0*/) {
$tbl .= "<option value=none name=\"----\" $ovt_A>----</option>";
- $tbl .= "<option value=white name=\"white\" $ovt_C>white</option>";
+ $tbl .= "<option value=white name=\"white\" $ovt_C>whitelist</option>";
$tbl .= "<option value=deny name=\"deny\" $ovt_D>deny </option>";
$tbl .= "<option value=allow name=\"allow\" $ovt_B>allow</option>";
}
@@ -745,13 +726,13 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
if (!empty($tbl)) {
$color = 'style="background-color: #dddddd;"';
$thdr = '';
- $hdr1up = "<big>Destination rules</big>";
- $hdr1ov = "<big>Destination rules in overtime</big>";
+ $hdr1up = "<big>Destination Categories</big>";
+ $hdr1ov = "<big>Destination Categories in overtime</big>";
$hds3 = "ACCESS: 'whitelist' - always pass; 'deny' - block; 'allow' - pass, if not blocked.";
if ($enable_overtime) {
$thdr .= "<tr><td colspan='8' align=left>$hds3</td></tr>";
$thdr .= "<tr $color><th colspan='4' align=middle>$hdr1up</th><th colspan='4' align=middle>$hdr1ov</th></tr>";
- $thdr .= "<tr $color><td colspan='4' align=middle></td><td colspan='4' align=middle>If <b>'Time'</b> not defined, this ruleset will be ignored</td></tr>";
+ $thdr .= "<tr $color><td colspan='4' align=middle></td><td colspan='4' align=middle>If <b>'Time'</b> not defined, this is column will be ignored.</td></tr>";
# formatting
$thdr .= "<tr><td/><td width='35%'/><td/><td/><td/><td width='35%'/><td/><td/></tr>";
}
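Review bot: The new help text reads `this is column will be ignored.`, which has a stray `is`; it should be `If <b>'Time'</b> not defined, this column will be ignored.`. The string is shown to the user, so the fix belongs in this commit.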
@@ -765,9 +746,9 @@ function make_grid_controls($type, $items, $enable_overtime = true) {
$res .= "<table cellspacing='0' width='100%'> $thdr $tbl </table>";
$rstyle = "";
- $ha = "<div $color>" .
+ $ha = "<div $color>" .
"<span onClick='document.getElementById(\"destrules\").style.display = \"block\";' style=\"cursor: pointer;\">" .
- "<font size='-12'><big>Destination ruleset (click)</big>&nbsp;" .
+ "<font size='-12'><big>Destination Categories (click)</big>&nbsp;" .
"<img src='./themes/{$g['theme']}/images/icons/icon_pass.gif' title='Show rules'>&nbsp;" .
"</span>" .
"<span style=\"cursor: pointer;\">" .
@@ -811,7 +792,7 @@ function sg_check_unique_name($module_id, $name, $log='') {
function sg_check_reserved_name($name, $log='')
{
$res = true;
- $reserved = array("acl", "all", "dbhome", "default", "dest", "in-addr", "log", "logdir", "none", "pass", "rew", "src", "url", "user");
+ $reserved = array("acl", "all", "allow", "dbhome", "default", "dest", "in-addr", "log", "logdir", "none", "pass", "rew", "src", "url", "user");
if (in_array(strtolower(trim($name)), $reserved)) {
$res = false;
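Review bot: The reserved list gains `"allow"`, but the ToDo that this commit deletes from squidguard_configurator.inc named `no-ip` and `block` as words to check, and neither is in `$reserved`. If those are still squidGuard keywords, add them to the array or keep the ToDo. A short comment above the array saying where the list comes from would help keep it current. The function body continues outside the hunk.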
@@ -829,13 +810,18 @@ function squidguard_install_command() {
sg_check_system();
# generate squidGuard blacklist entries file (check with squidGuard PORT)
- conf_mount_rw();
- $entries = array("ads", "aggressive", "audio-video", "drugs", "gambling", "hacking",
- "mail", "porn", "proxy", "violence", "warez");
- file_put_contents(SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES, implode("\n", $entries));
+# conf_mount_rw();
+ $blklist_file = SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES;
+
+ # рассмотреть вариант слияния examples базы и существующей в системе
+ if (!file_exists($blklist_file)) {
+ # if blacklist not exists, then copy default db from samples
+# $entries = array("ads", "aggressive", "audio-video", "drugs", "gambling", "hacking", "mail", "porn", "proxy", "violence", "warez");
+# file_put_contents($blklist_file, implode("\n", $entries));
+ }
set_file_access(SQUIDGUARD_WORKDIR, OWNER_NAME, 0755);
set_file_access(SQUIDGUARD_DBHOME, OWNER_NAME, 0755);
- conf_mount_ro();
+# conf_mount_ro();
sg_reconfigure();
}
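Review bot: The new `if (!file_exists($blklist_file))` branch contains only comments, so a fresh install no longer creates the blacklist entries file although the comment says the default db is copied from samples. Either implement the copy (the sample location is `SQUIDGUARD_DBSAMPLE` in squidguard_configurator.inc) or delete the empty branch and the commented-out `$entries` lines. The Russian comment should be in English, for example `# TODO: consider merging the sample DB with the one already on the system`. The `conf_mount_rw()`/`conf_mount_ro()` pair is commented out here while sg_update_blacklist still calls `conf_mount_rw()`; a comment should say why this path no longer needs it.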
@@ -845,12 +831,14 @@ function squidguard_deinstall_command() {
# remove entries from squid config
squid_reconfigure('remove redirector options');
+ # Note: When you reinstall should remain Database
+
# remove package and his depends
- mwexec("pkg_delete squidGuard-1.2.0_1");
- mwexec("rm -rf " . SQUIDGUARD_WORKDIR);
+ #mwexec("pkg_delete squidGuard-1.2.0_1");
+ #mwexec("rm -rf " . SQUIDGUARD_WORKDIR);
# i known't, really need delete blacklist base?
- mwexec("rm -rf " . SQUIDGUARD_DBHOME);
- mwexec("/bin/rm -f " . SQUIDGUARD_CONFBASE . "/squidGuard*");
+ #mwexec("rm -rf " . SQUIDGUARD_DBHOME);
+ #mwexec("/bin/rm -f " . SQUIDGUARD_CONFBASE . "/squidGuard*");
}
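Review bot: Every removal command in squidguard_deinstall_command is now commented out, but the comment `# remove package and his depends` stays and the dead `mwexec(...)` lines remain. Delete the commented lines and replace the comment with one that states what deinstall keeps on purpose, for example `# keep the package files, work dir and DB so a reinstall finds the existing blacklist`. If the `squidGuard*` files under `SQUIDGUARD_CONFBASE` should still be removed, that line needs to stay active.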
# ------------------------------------------------------------------------------
@@ -1281,13 +1269,13 @@ function squidguard_squid_conflist( )
# get squidguard config list
function squidguard_conflist( )
{
- $fname = SQUIDGUARD_CONFBASE_DEF . SQUIDGUARD_CONFIGFILE;
+ $fname = SQUIDGUARD_CONFBASE . SQUIDGUARD_CONFIGFILE;
$res = "";
if (file_exists( $fname ))
$res = file_get_contents( $fname );
else $res = "File '$fname' not found.";
-
+
return $res;
}
diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc
index 035ab734..5c90d307 100644
--- a/config/squidGuard/squidguard_configurator.inc
+++ b/config/squidGuard/squidguard_configurator.inc
@@ -1,7 +1,7 @@
<?php
# ------------------------------------------------------------------------------
/* squidguard_configurator.inc
- (C)2006-2008 Serg Dvoriancev
+ (C)2006-2011 Serg Dvoriancev
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
@@ -50,14 +50,15 @@ require_once('filter.inc');
require_once('service-utils.inc');
require_once('squid.inc');
-/* Allow additional execution time 0 = no limit. */
+# ------------------------------------------------------------------------------
+# Allow additional execution time 0 = no limit
+# ------------------------------------------------------------------------------
ini_set('max_execution_time', '3600');
ini_set('max_input_time', '3600');
ini_set('memory_limit', '100M');
-#
+# ------------------------------------------------------------------------------
# ToDo ! Must use all settings via $squidguard_config !
-# Add check names for reserved words 'none, all, default, no-ip, block'
# Sdelat rewrite dlya smeny skachivaniya
# ------------------------------------------------------------------------------
@@ -79,21 +80,14 @@ define('CONFIG_SG_HEADER', "
# ============================================================
");
-define('ACL_WARNING_ABSENSE_PASS', "!WARNING! Absence PASS 'all' or 'none' added as 'none'");
-
# ------------------------------------------------------------------------------
# squid config options
# ------------------------------------------------------------------------------
-define('REDIRECTOR_OPTIONS_REM', '# squidGuard options');
-define('REDIRECTOR_PROGRAM_OPT', 'redirect_program');
-define('REDIRECT_BYPASS_OPT', 'redirector_bypass');
-define('REDIRECT_CHILDREN_OPT', 'redirect_children');
-
-# ------------------------------------------------------------------------------
-# setup count redirector processes will started
-# * for big count users service increase this option, but you need use this on powerful system
-# ------------------------------------------------------------------------------
-define('REDIRECTOR_PROCESS_COUNT', '3');
+define('REDIRECTOR_OPTIONS_REM', '# squidGuard options');
+define('REDIRECTOR_PROGRAM_OPT', 'redirect_program');
+define('REDIRECT_BYPASS_OPT', 'redirector_bypass');
+define('REDIRECT_CHILDREN_OPT', 'redirect_children');
+define('REDIRECTOR_PROCESS_COUNT', '3'); # redirector processes count will started
# ------------------------------------------------------------------------------
# squidguard config options
@@ -106,48 +100,49 @@ define('REDIRECT_BASE_URL', '/sgerror.php');
define('REDIRECT_URL_ARGS', '&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u');
# ------------------------------------------------------------------------------
-# squidguard system defines
+# squidguard system constants
# ------------------------------------------------------------------------------
-define('SQUID_CONFIGFILE', '/usr/local/etc/squid/squid.conf');
-define('TMP_DIR', '/var/tmp');
-
-define('SQUIDGUARD_CONFIGFILE', '/squidGuard.conf');
-define('SQUIDGUARD_CONFLOGFILE', '/sg_configurator.log');
-define('SQUIDGUARD_LOGFILE', 'block.log');
-define('SQUIDGUARD_CONFBASE_DEF', '/usr/local/etc/squid');
-define('SQUIDGUARD_LOGDIR_DEF', '/tmp');
-define('SQUIDGUARD_WORKDIR_DEF', '/usr/local/etc/squidGuard');
-define('SQUIDGUARD_BINPATH_DEF', '/usr/local/bin');
-define('SQUIDGUARD_TMP', '/var/tmp/squidGuard'); # SG temp
-define('SQUIDGUARD_VAR', '/var/squidGuard'); # SG variables
-define('SQUIDGUARD_STATE', '/squidGuard.state');
-define('SQUIDGUARD_REBUILD', '/squidGuard.rebuild');
-
-define('SQUIDGUARD_SCR_LOGROTATE', '/usr/local/etc/rc.d/squidGuard_logrotate'); # Logrotate script
-
+define('SQUID_CONFIGFILE', '/usr/local/etc/squid/squid.conf');
+define('TMP_DIR', '/var/tmp');
+#
+define('SQUIDGUARD_CONFIGFILE', '/squidGuard.conf');
+define('SQUIDGUARD_CONFLOGFILE', '/sg_configurator.log');
+define('SQUIDGUARD_LOGFILE', 'block.log');
+define('SQUIDGUARD_CONFBASE', '/usr/local/etc/squid');
+define('SQUIDGUARD_WORKDIR', '/usr/local/etc/squidGuard');
+define('SQUIDGUARD_BINPATH', '/usr/local/bin');
+define('SQUIDGUARD_TMP', '/var/tmp/squidGuard'); # SG temp
+define('SQUIDGUARD_VAR', '/var/squidGuard'); # SG variables
+define('SQUIDGUARD_STATE', '/squidGuard.state');
+define('SQUIDGUARD_REBUILD', '/squidGuard.rebuild');
+define('SQUIDGUARD_CONFXML', '/squidguard_conf.xml');
+define('SQUIDGUARD_DBHOME', '/var/db/squidGuard');
+define('SQUIDGUARD_DBSAMPLE', '/var/db/squidGuard.sample');
+define('SQUIDGUARD_LOGDIR', '/var/squidGuard/log');
+define('SQUIDGUARD_WEBGUI_LOG', '/squidguard_gui.log');
+define('SQUIDGUARD_WEBGUI_HISTORY_LOG', '/squidguard_gui_history.log');
+#
+define('SQUIDGUARD_SCR_LOGROTATE', '/usr/local/etc/rc.d/squidGuard_logrotate'); # Logrotate script
+#
# DB home catalog contains 'Blacklist' and 'User' sub-catalogs
-define('SQUIDGUARD_DBHOME_DEF', '/var/db/squidGuard');
-define('SQUIDGUARD_DB_BLACKLIST', '/bl');
-define('SQUIDGUARD_DB_USER', '/usr');
-define('SQUIDGUARD_BL_UNPACK', '/unpack');
-define('SQUIDGUARD_BL_DB', '/db');
-
+define('SQUIDGUARD_DB_BLACKLIST', '/bl');
+define('SQUIDGUARD_DB_USER', '/usr');
+define('SQUIDGUARD_BL_UNPACK', '/unpack');
+define('SQUIDGUARD_BL_DB', '/db');
+#
# DB/Blacklist defines
-define('SQUIDGUARD_BLK_ENTRIES', '/blacklist.files');
-define('BLACKLIST_ARCHIVE', '/blacklists.tar');
-define('BLK_LOCALFILE', '/root/sg_blacklists.tar');
-define('DB_REBUILD_SH', '/tmp/squidGuard_db_rebuild.sh');
-define('DB_REBUILD_CONF', '/tmp/squidGuard_db_rebuild.conf');
-define('DB_REBUILD_BLK_CONF', '/squidGuard_blk_rebuild.conf');
-define('BLK_TEMP', '/tmp/sg_blk');
-define('SG_BLK_ARC', '/arcdb'); # blk db archive
-define('SG_INFO_FILE', '/var/squidGuard/sg_db_upd.inf');
-
-# error_res
-define('SG_ERR0', "Error! Check squidGuard configuration data.");
+define('SQUIDGUARD_BLK_ENTRIES', '/blacklist.files');
+define('BLACKLIST_ARCHIVE', '/blacklists.tar');
+define('BLK_LOCALFILE', '/root/sg_blacklists.tar');
+define('DB_REBUILD_SH', '/tmp/squidGuard_db_rebuild.sh');
+define('DB_REBUILD_CONF', '/tmp/squidGuard_db_rebuild.conf');
+define('DB_REBUILD_BLK_CONF', '/squidGuard_blk_rebuild.conf');
+define('BLK_TEMP', '/tmp/sg_blk');
+define('SG_BLK_ARC', '/arcdb'); # blk db archive
+define('SG_INFO_FILE', '/var/squidGuard/sg_db_upd.inf');
# ==============================================================================
-# DEFINES
+# CONSTANTS
# ==============================================================================
# redirect mode
define('RMOD_NONE', 'rmod_none');
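Review bot: `DB_REBUILD_SH`, `DB_REBUILD_CONF` and `BLK_TEMP` keep fixed names directly in `/tmp`, and the first is a shell script. The code that writes and runs it is outside this hunk; if it runs with root rights, a fixed path in a world-writable directory lets another local account create or link the file first. Since the constants are being regrouped anyway, they could move under the package's own directory, e.g. `define('DB_REBUILD_SH', SQUIDGUARD_TMP . '/squidGuard_db_rebuild.sh');`, with that directory created with restricted permissions.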
@@ -159,11 +154,14 @@ define('RMOD_EXT_ERR', 'rmod_ext_err');
define('RMOD_EXT_RDR', 'rmod_ext_rdr');
define('RMOD_EXT_MOVED', 'rmod_ext_mov');
define('RMOD_EXT_FOUND', 'rmod_ext_fnd');
-
-# 0-error, 1-warning; 2-info
-define('SQUIDGUARD_INFO', 2);
-define('SQUIDGUARD_WARNING', 1);
-define('SQUIDGUARD_ERROR', 0);
+# Log level: 0-error, 1-warning; 2-info
+define('SQUIDGUARD_INFO', 2);
+define('SQUIDGUARD_WARNING', 1);
+define('SQUIDGUARD_ERROR', 0);
+# error_res
+define('SG_ERR0', "Error! Check squidGuard configuration data.");
+#
+define('ACL_WARNING_ABSENSE_PASS', "!WARNING! Absence PASS 'all' or 'none' added as 'none'");
# ==============================================================================
# OPTIONS
@@ -270,9 +268,9 @@ define('F_CURRENT_LAN_IP', 'current_lan_ip');
define('F_CURRENT_GUI_PORT', 'current_gui_port');
define('F_CURRENT_GUI_PROTO', 'current_gui_protocol');
-# ------------------------------------------------------------------------------
+# ==============================================================================
# Globals
-# ------------------------------------------------------------------------------
+# ==============================================================================
$squidguard_config = array(); # squidGuard config array
# call default init
@@ -288,12 +286,12 @@ function sg_init($init = '')
$squidguard_config = array();
if(empty($init) or !is_array($init) ) {
# default init (for generate minimal config)
- $squidguard_config[F_LOGDIR] = SQUIDGUARD_LOGDIR_DEF;
- $squidguard_config[F_DBHOME] = SQUIDGUARD_DBHOME_DEF;
- $squidguard_config[F_WORKDIR] = SQUIDGUARD_WORKDIR_DEF;
- $squidguard_config[F_BINPATH] = SQUIDGUARD_BINPATH_DEF;
+ $squidguard_config[F_LOGDIR] = SQUIDGUARD_LOGDIR;
+ $squidguard_config[F_DBHOME] = SQUIDGUARD_DBHOME;
+ $squidguard_config[F_WORKDIR] = SQUIDGUARD_WORKDIR;
+ $squidguard_config[F_BINPATH] = SQUIDGUARD_BINPATH;
$squidguard_config[F_SQUIDCONFIGFILE] = SQUID_CONFIGFILE;
- $squidguard_config[F_PROCCESSCOUNT] = REDIRECTOR_PROCESS_COUNT;
+ $squidguard_config[F_PROCCESSCOUNT] = REDIRECTOR_PROCESS_COUNT;
} else {
# copy config from $init
foreach($init as $key => $in)
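Review bot: Replacing `SQUIDGUARD_LOGDIR_DEF` with `SQUIDGUARD_LOGDIR` is a value change, not a rename: the old constant was `/tmp` and the new one is `/var/squidGuard/log`. The default `F_LOGDIR` moves, and so do the fallback paths in sg_reconfigure, sg_addlog and sg_getlog in the following hunks, including the `$conf_file` that sg_reconfigure builds from this constant. Nothing visible here creates `/var/squidGuard/log` before it is written to, so confirm that sg_check_system() does, and add a comment such as `# default log dir; must exist before sg_addlog() is called`.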
@@ -340,7 +338,7 @@ function sg_save_configxml($filename)
function sg_reconfigure()
{
global $squidguard_config;
- $conf_file = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFIGFILE;
+ $conf_file = SQUIDGUARD_LOGDIR . SQUIDGUARD_CONFIGFILE;
# 1. check system
sg_check_system();
@@ -680,7 +678,7 @@ function sg_addlog($module, $log, $level = 0)
}
$logfile = '';
- $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFLOGFILE;
+ $logfile = SQUIDGUARD_LOGDIR . SQUIDGUARD_CONFLOGFILE;
$log_content = array();
setlocale(LC_TIME, '');
@@ -713,7 +711,7 @@ function sg_getlog($last_entries_count)
{
global $squidguard_config;
$log_content = '';
- $logfile = SQUIDGUARD_LOGDIR_DEF . SQUIDGUARD_CONFLOGFILE;
+ $logfile = SQUIDGUARD_LOGDIR . SQUIDGUARD_CONFLOGFILE;
# define logfile
if (!empty($squidguard_config) && file_exists($squidguard_config[F_LOGDIR]))
@@ -920,7 +918,7 @@ function sg_create_config()
$sg_tag->items[] = "s@{$rw[F_TARGETURL]}@{$rw[F_REPLACETO]}@{$rw[F_MODE]}";
if ($squidguard_config[F_ENABLELOG] == 'on' ) {
- if ($rew[F_LOG])
+ if ($rew[F_LOG])
$sg_tag->items[] = "log " . SQUIDGUARD_LOGFILE;
}
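Review bot: `if ($rew[F_LOG])` reads `$rew`, while the line above in the same block uses `$rw[F_TARGETURL]`; if the loop variable is `$rw`, this test always reads an undefined variable and the `log` line is never emitted. The commit only strips trailing whitespace from the line, so it is a good moment to change it to `if ($rw[F_LOG])`. The loop header is outside the hunk, so confirm the variable name there.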
@@ -1485,8 +1483,8 @@ function sg_update_blacklist($from_file)
{
global $squidguard_config;
conf_mount_rw();
- $dbhome = SQUIDGUARD_DBHOME_DEF;
- $workdir = SQUIDGUARD_WORKDIR_DEF;
+ $dbhome = SQUIDGUARD_DBHOME;
+ $workdir = SQUIDGUARD_WORKDIR;
$tmp_unpack_dir = SQUIDGUARD_TMP . SQUIDGUARD_BL_UNPACK;
$arc_db_dir = SQUIDGUARD_VAR . SG_BLK_ARC;
@@ -1571,7 +1569,7 @@ function sg_update_blacklist($from_file)
# copy temp db to '/var/db/squidGuard (-R - recursive; -p - copy access rights)
# '$bl_temp_dbhome/' - slash in end of path - copy only dir content (not self dir)
$sh_scr[] = "cp -R -p $arc_db_dir/ $dbhome";
- $sh_scr[] = "cp -f -p $blklist_file " . SQUIDGUARD_WORKDIR_DEF;
+ $sh_scr[] = "cp -f -p $blklist_file " . SQUIDGUARD_WORKDIR;
# set DB owner and right access
$sh_scr[] = "chown -R -v " . OWNER_NAME . " $dbhome";
$sh_scr[] = "chmod -R -v 0755 $dbhome";
@@ -1615,7 +1613,7 @@ function sg_entries_blacklist()
global $squidguard_config;
$contents = '';
- $fl = SQUIDGUARD_WORKDIR_DEF . SQUIDGUARD_BLK_ENTRIES;
+ $fl = SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES;
if (file_exists($squidguard_config[F_WORKDIR]))
$fl = $squidguard_config[F_WORKDIR] . SQUIDGUARD_BLK_ENTRIES;
if (file_exists($fl))
@@ -1726,23 +1724,31 @@ function scan_dir($dir)
function restore_arc_blacklist()
{
global $squidguard_config;
- $dbhome = SQUIDGUARD_DBHOME_DEF;
- $blklist_file = SQUIDGUARD_WORKDIR_DEF . SQUIDGUARD_BLK_ENTRIES;
- $arc_db_dir = SQUIDGUARD_VAR . SG_BLK_ARC;
+ $dbhome = SQUIDGUARD_DBHOME;
+ $blklist_file = SQUIDGUARD_WORKDIR . SQUIDGUARD_BLK_ENTRIES;
+ $arc_db_dir = SQUIDGUARD_DBSAMPLE;
$arc_blklist_file = SQUIDGUARD_VAR . SQUIDGUARD_BLK_ENTRIES;
if (file_exists($arc_db_dir) and file_exists($arc_blklist_file)) {
- conf_mount_rw();
+# conf_mount_rw();
# copy arc blacklist to work DB with permissions
mwexec("cp -R -p $arc_db_dir/ $dbhome");
set_file_access($dbhome, OWNER_NAME, 0755);
sg_addlog("restore_arc_blacklist", "Restore blacklist archive from '$arc_db_dir'.", SQUIDGUARD_INFO);
- # copy black list file
- copy($arc_blklist_file, $blklist_file);
+ $blklist = "";
+ $files = scan_dir("$arc_db_dir/");
+ foreach ($files as $fl) {
+ $blklist .= $fl . "\n";
+ }
+ file_put_contents($blklist_file, $blklist);
set_file_access($blklist_file, OWNER_NAME, 0755);
- sg_addlog("restore_arc_blacklist", "Restore black list file from '$arc_blklist_file' to '$blklist_file'.", SQUIDGUARD_INFO);
- conf_mount_ro();
+
+ # copy black list file
+# copy($arc_blklist_file, $blklist_file);
+# set_file_access($blklist_file, OWNER_NAME, 0755);
+# sg_addlog("restore_arc_blacklist", "Restore black list file from '$arc_blklist_file' to '$blklist_file'.", SQUIDGUARD_INFO);
+# conf_mount_ro();
} else {
sg_addlog("restore_arc_blacklist", "File '$arc_db_dir' or '$blklist_file' not found.", SQUIDGUARD_ERROR);
}
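Review bot: The guard still requires `file_exists($arc_blklist_file)`, but the new code no longer copies that file and builds the list from `scan_dir("$arc_db_dir/")`, so a missing `/var/squidGuard/blacklist.files` blocks a restore that does not need it. Test only the sample directory, `if (file_exists($arc_db_dir)) {`, and make the error message name the path that was checked. The result of `file_put_contents($blklist_file, $blklist)` is not checked, and with `conf_mount_rw()` commented out the write under `SQUIDGUARD_WORKDIR` may fail on a read-only root; log a `SQUIDGUARD_ERROR` entry when it returns `false`. The commented-out copy block can be deleted. The function's closing brace is outside the hunk.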
@@ -2143,7 +2149,7 @@ function sg_script_logrotate()
{
global $squidguard_config;
$sglogname = $squidguard_config[F_LOGDIR] . "/" . SQUIDGUARD_LOGFILE;
- $res =
+ $res =
<<<EOD
#!/bin/sh
#